CVE-2023-49221

Precor touchscreen console P62, P80, and P82 could allow a remote attacker within the local network to bypass security restrictions, and access the service menu, because there is a hard-coded service code...

CVE-2024-5542

The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Navigation Menu widget of the plugin's Mega Menu extension in all versions up to, and including, 2.0.6.1 due to insufficient inpu...

CVE-2024-5542

The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Navigation Menu widget of the plugin's Mega Menu extension in all versions up to, and including, 2.0.6.1 due to insufficient inpu...

CVE-2024-5542 Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor <= 2.0.6.1 - Missing Authorization to Unauthenticated Stored Cross-Site Scripting via Navigation Menu Widget

The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Navigation Menu widget of the plugin's Mega Menu extension in all versions up to, and including, 2.0.6.1 due to insufficient inpu...

CVE-2024-5542

CVE-2024-5542 affects Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor (Mega Menu) for WordPress. It is a Stored XSS via the Navigation Menu widget in the Mega Menu extension in all versions up to 2.0.6.1, caused by insufficient input sanitization and outp...

CVE-2024-4042

The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel – Combo Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class' attribute of the menu-wrap-item block in all versions up to, and including, 2.2.80 due to insufficient input...

Exploit for SQL Injection in Valvepress Automatic

Badges !MIT Licensehttps://img.shields.io/badge/Licens...

CVE-2024-3987

The WP Mobile Menu – The Mobile-Friendly Responsive Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image alt text in all versions up to, and including, 2.8.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attacker...

CVE-2024-3987 WP Mobile Menu – The Mobile-Friendly Responsive Menu <= 2.8.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Alt

The WP Mobile Menu – The Mobile-Friendly Responsive Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image alt text in all versions up to, and including, 2.8.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attacker...

CVE-2024-3987

CVE-2024-3987 : The WP Mobile Menu – The Mobile-Friendly Responsive Menu plugin for WordPress is vulnerable to Stored XSS via image alt text in all versions up to 2.8.4.2, caused by insufficient input sanitization and output escaping. The vulnerability could be triggered by an authenticated attac...

WordPress WP Mobile Menu plugin <= 2.8.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Alt vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Image Alt vulnerability discovered by stealthcopter in WordPress Plugin WP Mobile Menu versions = 2.8.4.2...

WordPress WP Mobile Menu Plugin <= 2.8.4.2 is vulnerable to Cross Site Scripting (XSS)

Software WP Mobile Menu Type Plugin Vulnerable versions = 2.8.4.2 Fixed in 2.8.4.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3987 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 9e7bd93097ab Credits stealthcopter Require...

PT-2024-13696 · Precor · Precor P80 +2

Name of the Vulnerable Software and Affected Versions: Precor touchscreen console P62, P80, and P82 Description: The issue allows a remote attacker within the local network to bypass security restrictions and access the service menu due to a hard-coded service code. Recommendations: For Precor...

Precor Touchscreen Console Security Vulnerability

Precor touchscreen console P62 and Precor touchscreen console P82 are both a touchscreen console from Precor USA. A security vulnerability exists in the Precor Touchscreen Console that stems from the presence of hard-coded service code that could allow a remote attacker to bypass security...

WordPress plugin Combo Blocks security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...

WordPress plugin WP Mobile Menu security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2023-49221

CVE-2023-49221 affects Precor touchscreen consoles P62, P80, and P82. The root cause is a hard-coded service code that enables a remote attacker on the local network to bypass security restrictions and access the service menu. CVSSv3.1 base score is 7.8 (HIGH) with LOCAL attack vector, LOW access...

WordPress plugin Master Addons security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...

CVE-2023-49221

Precor touchscreen console P62, P80, and P82 could allow a remote attacker within the local network to bypass security restrictions, and access the service menu, because there is a hard-coded service code...

WP Mobile Menu – The Mobile-Friendly Responsive Menu < 2.8.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Alt

Description The WP Mobile Menu – The Mobile-Friendly Responsive Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image alt text in all versions up to, and including, 2.8.4.2 due to insufficient input sanitization and output escaping. This makes it possible for...